March 9, 2020
has partnered with Neighbourhoodie, the makers of Greenkeeper, to
collaborate and build a solution for keeping open source dependencies
current and secure. The result of that effort, Automatic Dependency
Upgrades, is now included with Snyk Open Source, the industry's most
developer-friendly solution for software development teams to easily
find, and automatically fix, open source vulnerabilities.
Maintaining updated open source dependencies is important to proactively
reduce security risk and performance issues and to optimize for overall
quality improvements. In some cases, keeping software up to date is a
requirement for compliance with some policies such as HIPAA. However,
maintaining current and healthy dependencies manually is time consuming,
risky, and becomes more complex over time as the number of versions to
"Our goal has always been to stay at the forefront of innovation for
developer-centric tooling," said Jan Lehnardt, CEO at Neighbourhoodie.
"But we soon realized that to do this for dependency upgrades, we needed
to find the right partner who shared our vision and prioritized the
developer experience the way that we do," added Simone Haas, CEO at
Neighbourhoodie Software, the makers of Greenkeeper. "We found this
partnership with Snyk, and we are excited to be bringing customers an
industry-leading approach to automated dependency upgrades and building
more secure software."
collaboration between Snyk and Greenkeeper now offers customers a
market-leading capability for Automated Dependency Upgrades that
Frictionless integration into developer workflows;
information to inform priorities and decisions; and
Control over the
pace and volume of updates.
upgrade pull requests have automated away loads of manual effort, by
automatically recommending secure package updates," said Snyk customer
Joe Emison, Cofounder and CTO at Branch Insurance.
"Snyk's mission is to enable developers to build software securely.
Keeping open source dependencies current is a critical component to
proactively mitigating risk in software development. However, this is
hard for developers to do manually," said Aner Mazur, Chief Product
Officer, Snyk. "By collaborating with the Greenkeeper team, the pioneers
in this space, we are delivering an automated solution that helps
developers prioritize the most important upgrades and control the pace
of all upgrades to ensure the best balance between dependency
maintenance and new software development."